Safe Data Procedures
Last updated August 14, 2014
To protect our College, we all need to protect our data. Many organizations have lost reputations, customers, and money by losing data. Please observe the following rules:
- Know the types of sensitive data.
- Personally identifying information is anything that can be tied to an individual's identity. This information is important in many legal requirements. Examples include names, phone numbers, and opinions.
- Confidential information is anything that should be shared only with care. This information is important to FERPA and our relationship with the public. Examples include grades, meeting notes, and correspondence.
- Essential information is anything that is needed for Morningside to stay in business. This information needs to be kept available and accurate for emergencies and daily operations. Examples include procedures, references, and accountings.
- Know the difference between "local" and "remote" data use.
- Local data is on flash drives, CDs, and the C: hard drive. Use these locations for data that is not important to the College. Do not use these locations for sensitive data.
- Remote data is on Morningside servers, Google servers, or other “cloud-based” services. Keep all data that is important to Morningside on Morningside servers, and only on Morningside servers.
- Do not copy Morningside data from remote servers to local devices. When at home, viewing data is OK but downloading data is not.
- Do not send sensitive college data to vendors or upload to remote sites without the authorization of your superior. Vendors need secure data policies and we need to establish agreements.
- Keep your passwords secure.
- Do not share your Morningside logon or password with anyone.
- Passwords should be complicated, unique, and changed frequently.
- Never store a password in a document, folder, or email with the name “password.”
- When using your own computer (one that only YOU use):
- Log-off, or lock, your computer when you leave it unattended.
- Log off your computer at the end of the day. Keep desktop computers on overnight so that security updates will install automatically. Keep laptops off when not in use to avoid overheating.
- When using laptops:
- Laptops with sensitive data must be password protected, and can be used off-campus only by authorized users.
- When a laptop is used off campus, keep an inventory of the data that is on it.
- When using shared or public computers:
- Never download sensitive data.
- Never let a public or shared computer remember your password.
- If you suspect...
- If you suspect that any sensitive data may have been lost or stolen, Call the Tech Services Center immediately at 274-5544.